Policy Library
The Policy Library is the landing page for Segregation of Duties inside IGA > SoD. It lists all SoD policies in your organization and is the starting point for creating, managing, and monitoring policies.
Navigate to IGA > SoD > Policy Library to open it.
Policy Library landing page showing the list of SoD policies with Policy Name, Policy ID, Status, Owners, and Created By columns
!Policy Library landing page showing the list of SoD policies with Policy Name, Policy ID, Status, Owners, and Created By columns
Policy Library landing page showing the list of SoD policies with Policy Name, Policy ID, Status, Owners, and Created By columns
Policy Library showing the Active Violations count column and row-level action menu
!Policy Library showing the Active Violations count column and row-level action menu
Policy Library showing the Active Violations count column and row-level action menu
Each row shows the policy name, policy ID, status, owners, active violations count, created by, and available actions. Use the filter icon to narrow the list by Policy Name, Status, Owners, Last Run Violations, or Created At.
Policy Library filter panel showing Policy Name, Status, Owners, Last Run Violations, and Created At filter options
!Policy Library filter panel showing Policy Name, Status, Owners, Last Run Violations, and Created At filter options
Policy Library filter panel showing Policy Name, Status, Owners, Last Run Violations, and Created At filter options
Select Create Policy to open the 5-step creation wizard.
Manage a policy
The three-dot menu on any policy row, or in the policy detail page header, exposes the following actions.
The following table describes each policy action.
| Action | Description |
|---|---|
| Create Draft | Creates an editable draft from the current published version. Use this to edit a published policy, including changing enforcement mode, without affecting the live version. |
| Run Evaluation | Manually triggers a detection run immediately, outside the configured schedule. |
| Duplicate | Creates a copy of the policy in Draft status. |
| Unpublish | Deactivates the policy. Zluri blocks unpublishing when the policy has active violations, active exemptions, or ongoing runs. A tooltip explains the requirement. |
| Archive | Permanently archives the policy. |
Policy Library row action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish, and Archive
!Policy Library row action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish, and Archive
Policy Library row action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish, and Archive
Three-dot policy action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish with active-violations tooltip, and Archive
!Three-dot policy action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish with active-violations tooltip, and Archive
Three-dot policy action menu showing Create Draft, Run Evaluation, Duplicate, Unpublish with active-violations tooltip, and Archive
Policy Library row showing the same action menu without the tooltip, where Unpublish is available
!Policy Library row showing the same action menu without the tooltip, where Unpublish is available
Policy Library row showing the same action menu without the tooltip, where Unpublish is available
Promote a policy from Monitor to Enforce
Upgrade a published Monitor-mode policy to Enforce mode without re-creating it.
Steps
- Open the published policy.
- Select the three-dot menu and choose Create Draft. Zluri creates a draft copy of the policy.
- In the Remediation step of the draft, change the mode from Monitor to Enforce.
- Configure the Violation Handling shape, Assignee, and Playbooks for each set.
- Set a Risk level.
- Enter a Publish Note and select Publish.
Zluri back-tests existing open violations against the new enforcement configuration after publishing. To revert to Monitor mode, create a new draft, switch the mode back to Monitor, enter a Publish Note, and re-publish.